[Lazamataz]

You highlighted the wrong part of the sentence: "In addition, disclosure of protected health information, without the individual's authorization, is permitted where the circumstances of the emergency implicates law enforcement activities (see 45 CFR 164.512(f)); national security and intelligence activities (see 45 CFR 164.512(k)(2)); or judicial and administrative proceedings (see 45 CFR 164.512(e)).

I don't think this is new, actually. Law enforcement and the courts have always had the ability to subpeona and/or demand all of your information.

[Mr. Bird]

You are, of course, correct. A couple of high-profile incidents brought HIPAA regulations into being. In once case, a banker acquired medical histories on loan holders. He called in the loans on those who were terminal. Another case involved stealing a computer disk with the names of over 2,000 AIDS patients and the subsequent fallout.

The truth of the matter is that most, if not all, health care providers already had policies in place that restricted the disclosure of medical information. In most cases, those policies are more stringent than HIPAA. However, now these providers must maintain the administrative documentation required by the law. That is where the expense comes in.

And a less publicized (now) provision of HIPAA has been applauded by many individuals: The "portability" section prohibits insurers from denying coverage to those who already have such coverage, meaning you can change employers and not worry about existing condition provisions in their health plans.

[mabelkitty]

Yes, but only for just cause and not due to curiousity by some publicly funded flunkie.